NTLM V2 with Wingate user database (updated)

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

NTLM V2 with Wingate user database (updated)

Postby pfgernaz » Jul 09 20 2:45 am

Hi, sorry to bug you, but I had posted this question over the past weekend and have not received any replies. Using NTLM configured as below and client sending domain WINGATE the log shows no Target Info block in the server challenge, which causes the client to abort the NTLM v2 handshake:
********** NTLM Start Server Challenge ************
NTLM Challenge (72 bytes) Hex: 4e 54 4c 4d 53 <SNIP>
[ 24] ChallengeData: 45 76 de 6d d4 8e a3 44
[ 40] Target Info: len: 0, offset: 0, value:
[ 48] Version: major 10, minor 0, build 18363, NTLM Revision 15
********** NTLM End Server Challenge ************

I've attached the NTLM handshake log.

Thanks for your help.

Previous post:
I’m running Wingate 9.4.1 (free license) on Windows 2012 R2 in an Active Directory domain. WWW Proxy auth is configured for NTLM Version 2 only (no second chance auth) using Wingate user database. The access rule re-authenticates all except authenticated users. For purposes of NTLM V2 handshake is the configured user associated with any Domain, e.g., Wingate or WINGATE?
Attachments
Wingate NTLM v2 handshake.png
NTLM v2 handshake
Wingate NTLM v2 handshake.png (196.76 KiB) Viewed 2714 times
pfgernaz
 
Posts: 2
Joined: Jul 06 20 5:52 am

Re: NTLM V2 with Wingate user database (updated)

Postby adrien » Jul 10 20 5:39 pm

With the WinGate user database, the accounts are managed and owned by WinGate.

If you want to use AD accounts, you would need to use the Active Directory user database.

BUT you can set up accounts in WinGate in the WinGate User Database, and if the username and password match the AD creds, then users will use integrated authentication due to the support for NTLM, so they shouldn't get password prompts in browsers etc.

Regards

Adrien de Croy
adrien
Qbik Staff
 
Posts: 5441
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: NTLM V2 with Wingate user database (updated)

Postby pfgernaz » Jul 11 20 7:53 am

Thanks for the clarification. I misunderstood that the Wingate user database entry by itself would be enough to authenticate the user with NTLM v2. Once I setup an AD user in that domain the auth worked perfectly.
pfgernaz
 
Posts: 2
Joined: Jul 06 20 5:52 am


Return to WinGate

Who is online

Users browsing this forum: No registered users and 40 guests

cron